Cypherpunks repositories - gostls13.git/commit

author	Joe Richey joerichey@google.com <joerichey@google.com>
	Mon, 22 May 2017 21:36:43 +0000 (14:36 -0700)
committer	Brad Fitzpatrick <bradfitz@golang.org>
	Tue, 23 May 2017 04:54:42 +0000 (04:54 +0000)
commit	95d991d30c59edc4943bd8baf5c664c5f8b1cebe
tree	efabf1b073677a2d19e8d6b3eedc030c91f0301a	tree
parent	f3f29d1dea525f48995c1693c609f5e67c046893	commit \| diff

crypto/rand: use blocking getrandom call on Linux when supported

By changing getRandomLinux to immediately use the getrandom() syscall
without GRND_NONBLOCK, we now only fall back to reading from
/dev/urandom on Linux if the kernel does not support the getrandom()
syscall. This means reads for crypto/rand will now block if the kernel
has insufficient entropy on Linux kernels after v3.16.

Before, if the kernel had insufficient entropy, it would fall back to
reading from /dev/urandom. This would potentially return predictable
data.

Fixes #19274

Change-Id: I1cb081ce2f3096f18ad2820e52ecdbd993dc2afc
Reviewed-on: https://go-review.googlesource.com/43852
Reviewed-by: Filippo Valsorda <hi@filippo.io>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>